コード例 #1
ファイル: test_os_regex.c プロジェクト: Nukama/ossec-hids
END_TEST

START_TEST(test_fail_wordmatch)
{
    /*
     * Pattern/input pairs for which OS_WordMatch must report "no match".
     * The strings are plain C literals; a literal backslash in a pattern
     * would have to be escaped, but none of these cases needs one.
     * The {NULL, NULL} row terminates the table.
     */
    const char *cases[][2] = {
        { "-test", "this is a test" },  /* pattern carries a leading '-' */
        { "", "test" },                 /* empty pattern must not act as a match-all */
        { "test|not", "negative" },     /* neither alternative occurs in the input */
        { "test", "" },                 /* empty input */
        { "^test", "starttest" },       /* "test" is present, but not at the start */
        {NULL,NULL},
    };
    int idx = 0;

    /* Walk the table until the sentinel row; every pair must be rejected. */
    while(cases[idx][0] != NULL) {
        const char *pattern = cases[idx][0];
        const char *input = cases[idx][1];

        ck_assert_msg(!OS_WordMatch(pattern, input),
                      "%s should not match positive with %s by OS_WordMatch",
                      pattern, input);
        idx++;
    }

}
コード例 #2
ファイル: test_os_regex.c プロジェクト: Nukama/ossec-hids
END_TEST

START_TEST(test_success_wordmatch)
{
    /*
     * Pattern/input pairs for which OS_WordMatch must report a match.
     * The strings are plain C literals; a literal backslash in a pattern
     * would have to be escaped, but none of these cases needs one.
     * The {NULL, NULL} row terminates the table.
     */
    const char *cases[][2] = {
        { "test", "this is a test" },           /* pattern as a separate word */
        /* Despite the function name, a hit inside a longer token is expected
         * to match too: callers that need whole-word semantics cannot rely
         * on OS_WordMatch alone. */
        { "test", "thistestiswithoutspaces" },
        { "test|not", "test" },                 /* first alternative */
        { "test|not", "not" },                  /* second alternative */
        { "^test", "test on start" },           /* '^' with the word at the start */
        {NULL,NULL},
    };
    int idx = 0;

    /* Walk the table until the sentinel row; every pair must be accepted. */
    while(cases[idx][0] != NULL) {
        const char *pattern = cases[idx][0];
        const char *input = cases[idx][1];

        ck_assert_msg(OS_WordMatch(pattern, input),
                      "%s should match positive with %s by OS_WordMatch",
                      pattern, input);
        idx++;
    }

}
コード例 #3
ファイル: rules_list.c プロジェクト: alexoslabs/ossec-hids
/**
 * Attach read_rule as a child of the already-loaded rule(s) it depends on,
 * searching the list that starts at r_node and, recursively, the children
 * of every node visited.
 *
 * One selector is applied per call, checked in this order:
 *   - sid:   the parent whose sigid equals sid. read_rule takes over the
 *            parent's category and the search stops at the first hit.
 *   - group: every parent whose group satisfies OS_WordMatch(group, ...).
 *   - level: every parent whose level is >= level.
 *   - none of the above: the first node whose category equals read_rule's.
 *
 * @param sid       parent signature id to look for, or 0 to skip this selector
 * @param level     minimum parent level, or 0 to skip this selector
 * @param none      not read here; only forwarded to the recursive call
 * @param group     group pattern, or NULL to skip this selector
 * @param r_node    list to search; NULL means start at OS_GetFirstRule()
 * @param read_rule rule being attached; its category and last_events may be
 *                  overwritten with the parent's values
 * @return 1 if read_rule was attached at least once (here or in a nested
 *         call), 0 otherwise
 *
 * read_rule and every node's ruleinfo are dereferenced without a NULL
 * check, so callers must pass fully populated rules.
 */
int _AddtoRule(int sid, int level, int none, char *group, 
               RuleNode *r_node, RuleInfo *read_rule)
{
    int added = 0;
    RuleNode *cur = r_node;

    /* No starting node given: search from the head of the rule list. */
    if(cur == NULL)
    {
        cur = OS_GetFirstRule();
    }

    for(; cur != NULL; cur = cur->next)
    {
        RuleInfo *parent = cur->ruleinfo;

        if(sid)
        {
            /* Selector 1: exact signature id. */
            if(parent->sigid == sid)
            {
                /* Parent and child must share a category. */
                read_rule->category = parent->category;

                /* A rule that uses context but has no event list of its
                 * own borrows the parent's. The pointer is shared, not
                 * copied. NOTE(review): whoever releases last_events has
                 * to account for this alias - confirm ownership.
                 */
                if(read_rule->context && !read_rule->last_events &&
                   parent->last_events)
                {
                    read_rule->last_events = parent->last_events;
                }

                cur->child = _OS_AddRule(cur->child, read_rule);
                return(1);
            }
        }
        else if(group)
        {
            /* Selector 2: group pattern. The sigid comparison keeps
             * read_rule from being attached beneath itself; presumably it
             * becomes reachable through child lists once added - confirm
             * against _OS_AddRule.
             * NOTE(review): OS_WordMatch is defined elsewhere. If it also
             * accepts a hit inside a longer word, a short group pattern
             * attaches this rule under more parents than its author may
             * have intended - confirm the matching semantics.
             */
            if(OS_WordMatch(group, parent->group) &&
               (parent->sigid != read_rule->sigid))
            {
                /* Same shared-pointer context inheritance as for sid. */
                if(read_rule->context && !read_rule->last_events &&
                   parent->last_events)
                {
                    read_rule->last_events = parent->last_events;
                }

                /* No early return: every matching parent gets the rule. */
                cur->child = _OS_AddRule(cur->child, read_rule);
                added = 1;
            }
        }
        else if(level)
        {
            /* Selector 3: minimum level, again skipping read_rule itself.
             * Neither category nor last_events is inherited here.
             */
            if((parent->level >= level) &&
               (parent->sigid != read_rule->sigid))
            {
                cur->child = _OS_AddRule(cur->child, read_rule);
                added = 1;
            }
        }
        else
        {
            /* No selector: only a node of the same category qualifies.
             * A node of another category is skipped together with its
             * children.
             */
            if(read_rule->category != parent->category)
            {
                continue;
            }

            read_rule->category = parent->category;
            cur->child = _OS_AddRule(cur->child, read_rule);
            return(1);
        }

        /* Descend into the children with the same selectors. */
        if(cur->child &&
           _AddtoRule(sid, level, none, group, cur->child, read_rule))
        {
            added = 1;
        }
    }

    return(added);
}